resend-integration-skills

This is a legitimate integration skill documentation for exposing Resend email capabilities to AI agents. I found no evidence of embedded malware, obfuscation, or hidden exfiltration code in the provided text. The primary risks are configuration and operational: examples that encourage putting API keys in command-line arguments or config files, recommending wildcard tool permissions ("*"), and repository-level Copilot configurations that permit autonomous email sending without human approval. These practices could lead to credential leakage or mass-email abuse if misused or if an MCP server endpoint is untrusted. Recommend using secret management (not inline keys), avoid command-line secrets, restrict tools allowlist, use least-privilege API keys, and only point HTTP transports to trusted endpoints.